<?php defined('SYSPATH') or die('No direct script access.');
//$r = RedisDB::instance();
//$r->hGet()
//$roles =
return array(

	/*
	 * The Authentication library to use
	 * Make sure that the library supports:
	 * 1) A get_user method that returns FALSE when no user is logged in
	 *	  and a user object that implements Acl_Role_Interface when a user is logged in
	 * 2) A static instance method to instantiate a Authentication object
	 *
	 * array(CLASS_NAME,array $arguments)
	 */
	'lib' => array(
        'class'  => 'Auth', // (or AUTH)
        'params' => array('auth')
    ),

	'exception' => FALSE,

	/*
	 * The ACL Roles (String IDs are fine, use of ACL_Role_Interface objects also possible)
	 * Use: ROLE => PARENT(S) (make sure parent is defined as role itself before you use it as a parent)
	 */

	'roles' => array
	(
	    'dispatcher' => 'login',
	    'mechanic' => 'login',
	    'personnel' => 'login',
	    'medic' => 'login',
		'admin'  => 'dispatcher',
		'admin'  => 'mechanic',
		'admin'  => 'personnel',
		'admin'  => 'medic',
		'login'  => 'guest',
	),

	/*
	 * The name of the guest role
	 * Used when no user is logged in.
	 */
	'guest_role' => 'guest',

	/*
	 * The ACL Resources (String IDs are fine, use of ACL_Resource_Interface objects also possible)
	 * Use: ROLE => PARENT (make sure parent is defined as resource itself before you use it as a parent)
	 */
/*
	'resources' => array
	(
		'employee' => NULL,
		'transport' => NULL,
		'attach' => NULL,
	),
*/
	/*
	 * The ACL Rules (Again, string IDs are fine, use of ACL_Role/Resource_Interface objects also possible)
	 * Split in allow rules and deny rules, one sub-array per rule:
	     array( ROLES, RESOURCES, PRIVILEGES, ASSERTION)
	 *
	 * Assertions are defined as follows :
			array(CLASS_NAME,$argument) // (only assertion objects that support (at most) 1 argument are supported
			                            //  if you need to give your assertion object several arguments, use an array)
	 */
/*
	'rules' => array
	(
		'allow' => array
		(
			// guest can read blog
			'guest1' => array(
				'role'      => 'guest',
				'resource'  => array('employee','transport','attach'),
				'privilege' => 'read',
			),
			'personnel1' => array(
				'role'      => 'personnel',
				'resource'  => 'employee',
				'privilege' => array('add','edit','delete'),
			),

			'mechanic1' => array(
				'role'      => 'mechanic',
				'resource'  => 'transport',
				'privilege' => array('add','edit','delete'),
			),
			// authors can add blogs
			'dispatcher1' => array(
				'role'      => 'dispatcher',
				'resource'  => 'attach',
				'privilege' => array('add','edit','delete'),
			),
			// administrators can delete and edit everything
			'admin1' => array(
				'role'      => 'admin',
				'resource'  => array('employee','transport','attach'),
				'privilege' => array('add','edit','delete'),
			),
		),
		'deny' => array
		(
			  // no deny rules in this example
		)
	)
*/
);